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5 This application is a continuation of patent application serial number 09/578,635, 

filed May 25, 2000, entitled Validating a Transaction with User Voice Authentication 
Using Wireless Communications, which is hereby incorporated by reference into this 
patent application. 
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BACKGROUND OF THE INVENTION 

1. FIELD OF THE INVENTION 

The invention is related to the field of wireless communications, and in particular, 
to a system that validates a transaction with user voice authentication using wireless 
20 communications. 

2. DESCRIPTION OF THE PRIOR ART 

Enterprise communication systems are prevalent in most parts of the world. An 
enterprise communication system provides voice and data transfer within the enterprise 
and typically includes an intranet that allows for web-like interaction among enterprise 
25 personnel. The enterprise communication system also provides public telephone, 
Internet, and private data connectivity to the enterprise. 

Wireless communications between wireless phones and wireless communication 
systems is also prevalent in most parts of the world. The wireless communications 
include voice conversations, e-mail, and web sessions. Some wireless communication 
30 systems use push technology to select and provide information to the wireless phones. 

Wireless transceivers that interface with wireless phones and with public wireless 
base stations are being developed for private use. Unfortunately, these wireless 
transceivers have not been effectively used to provide an interface between wireless 
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phones and enterprise communication systems. Systems are needed that allow wireless 
phones to more effectively inter-operate with enterprise communication systems. This 
inadequate interface between wireless phones and enterprise communication systems 
becomes an acute problem when the wireless phone is used by a visitor to the enterprise 
5 who may need more or different information than enterprise personnel. 

These wireless transceivers face additional problems. Manual engineering is 
required to initially configure the transceivers to use the appropriate frequencies and 
signal strengths. Signal strength is especially critical with dense concentrations of spread 
spectrum systems because the signal represents noise to neighboring transceivers. Many 

1 0 enterprises or residence do not have the available engineering prowess to properly 
configure their transceivers. 

Technology has been developed to configure a computer for external 
communications when it is booted. The computer's CPU scans a range of memory 
addresses that are assigned to peripheral device interfaces. The CPU then installs the 

1 5 appropriate drivers for each interface that was detected to configure the computer for 
external communications. Such technology has not been applied effectively to wireless 
transceiver configuration. 

Since, many residences or enterprises cannot properly configure their transceivers, 
it is likely that the unauthorized use of frequencies and signal strengths will be a problem. 

20 Untrained users are likely to adjust or move their transceiver without regard to 
neighboring systems. Systems are needed to counter this problem. 

Transactions, such as purchases, are the key activity in many enterprises. Two 
important aspects of a transaction are user authentication and account code validation. 
Typically, user authentication is handled by a credit card with a user name and a 

25 transaction receipt with a user signature. Photographic identification, personal 

identification numbers, and voice recognition systems are also used to authenticate users. 
Account code validation is typically handled by point-of-sale terminals that request 
account code validation from a bank network. Unfortunately, credit cards are stolen and 
signatures are forged to defeat user authentication. Systems are needed that integrate 

30 effective user authentication into the enterprise systems described above. 
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SUMMARY OF THE INVENTION 

The invention solves the above problems with a system that validates a 
transaction with user voice authentication using wireless communications. 
Advantageously, wireless phone users are able to authenticate themselves and their 
5 account numbers in a secure manner to facilitate a transaction. Credit cards that can be 
stolen are not needed. Since authentication is by user voice, theft of the phone does not 
compromise account security. 

The system comprises a wireless interface coupled to a transaction manager. The 
wireless interface receives user information, including a user speech sample and a user 

10 account code, from a wireless communication device over a wireless communication link. 
In some examples of the invention, the wireless communication device is a wireless 
telephone that stores the account code and provides user prompts to facilitate the 
transaction. The transaction manager transfers the user speech sample and the user 
account code to a validation system. 

1 5 In response to the user speech sample and the user account code, the validation 

system generates validation information that indicates if the user is authentic and if the 
account code is valid. In some examples of the invention, the validation information 
includes a picture of the user. The validation system transfers the validation information 
to the transaction system. The transaction manager receives and displays validation 

20 information. 

BRIEF DESCRIPTION OF THE DRAWINGS 

The same reference number represents the same element on all drawings. 

FIG. 1 is a block diagram that illustrates a communication system for wireless 
25 enterprise communications in an example of the invention. 

FIG. 2 is a flow diagram that illustrates wireless enterprise communications in an 
example of the invention. 

FIG. 3 is a table diagram that illustrates a data structure for wireless enterprise 
communications in an example of the invention. 
30 FIG. 4 is a block diagram that illustrates a communication system with wireless 

transceiver configuration and management in an example of the invention. 
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FIG. 5 is a block diagram that illustrates a wireless transceiver and control system 
with wireless transceiver configuration and management in an example of the invention. 

FIG. 6 is a flow diagram that illustrates wireless transceiver configuration in an 
example of the invention. 
5 FIG. 7 is a table diagram that illustrates a data structure for wireless transceiver 

management in an example of the invention. 

FIG. 8 is a flow diagram that illustrates wireless transceiver management in an 
example of the invention. 

FIG. 9 is a block diagram that illustrates a system for wireless voice 
10 authentication and transaction validation in an example of the invention. 

FIG. 10 is a block diagram that illustrates wireless telephone in an example of the 
invention. 



DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 

15 Wireless Enterprise Commu nications - FIGS 1-3 

FIGS. 1-3 depict a specific example of a communication system in accord with 
the present invention. Those skilled in the art will appreciate numerous variations from 
this example that do not depart from the scope of the invention. Those skilled in the art 
will also appreciate that various features described below could be combined to form 

20 multiple variations of the invention. 

FIG. 1 is a block diagram that illustrates a communication system 100 for wireless 
enterprise communications in an example of the invention. The communication system 
100 comprises communication device 102, public network cell 1 10, enterprise 120, and 
networks 130. Public network cell 110 includes public network base station 1 1 1 and 

25 control system 1 12. Enterprise 120 includes transceivers 121-123, respective enterprise 
cells 125-127, and server 124. 

Communication device 102 includes a public wireless communication interface 
and could comprise a telephone, portable computer, personal digital assistant, automobile 
system, or other similar device. The arrows on FIG. 1 indicate movement of 

30 communication device 102. Public network cell 110, base station 111, and control 
system 1 12 could comprise a conventional wireless system that is modified in accord 
with the invention. Control system 112 typically includes a Mobile Telephone Switching 
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Office (MTSO). Networks 130 could comprise conventional systems such as the PSTN, 
Internet, and private data networks. 

Enterprise 120 is an entity that is separate from the PSTN or Internet. Some 
examples of enterprise 120 include retail establishments, medical facilities, airports or 
5 train terminals, educational campuses, business campuses, government facilities, and 
recreational areas. For wireless communication and hand-offs, transceiver 121 operates 
similar to a conventional public network base station. Enterprise cell 125 is at least 
partially located in public network cell 110. Transceiver 121 receives a hand-off from 
public network base station 1 1 1 for wireless communication device 102 in response to 

10 wireless communication device 102 entering enterprise cell 125. Transceivers 121-123 
communicate over the air interface with wireless communication device 102 when 
wireless communication device is in their respective enterprise cells 125-126. For 
example, transceiver 121 hands-off wireless communication device 102 to transceiver 
123 in response to wireless communication device 102 moving from enterprise cell 125 

15 to enterprise cell 127, Transceivers 122-123 interface with communication device 102 
and server 124 similar to transceiver 121. Hand-offs occur between transceivers 121-123 
as communication device 102 moves among the respective enterprise cells 125-127. 

Server 124 exchanges information between enterprise 120 and wireless 
communication device 102 through the wireless transceiver 121 in response to the hand- 

20 off between base station 1 1 1 and transceiver 121. Server 124 identifies and authorizes 
communication device 102 and the user of communication device 102. Server 124 
selects the information for the user based on the identity, position, and user of 
communication device 102, in addition to, user responses and requests. 

The information exchange could be an enterprise 120 intranet session. The 

25 information may represent interactive enterprise menus, enterprise maps, product or 
person locators, product information, order and payment information, promotions, and 
media clips. Product information may indicate features and options, availability, and 
price. For example, the information might allow a user to select a product type, identify 
available products, compare available product features and prices, order and pay for a 

30 selected product, and locate where the purchased product can be picked-up. 

The position of communication device 102 could be obtained through 
triangulation across transceivers or other techniques, such as satellite positioning. If 
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server 124 selects the information based on the position of communication device 102, 
then the information may be related to promotions or products of proximate shops and 
restaurants. 

Server 124 provides communication device 102 with access to networks 130 
5 through transceivers 121-123 and control system 112. The access includes Internet 
access, PSTN access, private data network access. The access could be continuous 
during any hand-offs. 

FIG. 2 is a flow diagram that illustrates wireless enterprise communications in an 
example of the invention. Wireless communication device 102 is registered with public 

1 0 network base station 1 1 1 in public network cell 1 1 0. Wireless communication device 
102 enters enterprise cell 125 and attempts to register with transceiver 121. Server 124 
informs control system 1 12 of the attempt. Control system 1 12 determines whether to 
hand-off communications device 102 to enterprise 120. The determination could be 
based on system capacity, device ID, user ID, user prompt and response, signal strength, 

1 5 services in use, error rates, or other such criteria. If the determination is negative, then 
wireless communication device 102 continues to use public network base station 1 1 1 in 
public network cell 1 10. If the determination is positive, then control system 112 
instructs public network base station 1 1 1 to hand-off wireless communication device 1 02 
to enterprise transceiver 121 . Control system 1 12 switches access between wireless 

20 communication device 102 and networks 130 from base station 1 1 1 to server 124, so 
sessions are continuous through the hand-off. 

In response to the hand-off, control system 112 generates an accounting event for 
the access switch noting communication device 102, services invoked, and the time, so 
billing for wireless communication device 102 is properly tracked between 

25 communication system 100 and enterprise 120. Numerous billing schemes could be 
implemented in this fashion. Communication system 100 may bill enterprise 120, and 
not the user, for access after the switch. Communication system 100 may bill the user at 
a reduced rate for access after the switch. Enterprise 120 may bill the user for access after 
the switch. Enterprise 120 could offer promotions to discount or forgive this bill based 

30 on user activity within the enterprise, such as money spent, time spent, or services used. 
Enterprise 120 may bill communications system 100 for access after the switch. 
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Reciprocal billing schemes could be implemented on a hand-off from enterprise 120 to 
public network cell 1 10. 

Server 124 identifies and authorizes communication device 102 and its user. 
Server 124 gets the position of wireless communication device 102 within enterprise 120 
5 and selects and transfers information to wireless communication device 102. If the user 
logs-off, then server 124 instructs control system 1 12 of the log-off and instructs 
transceiver 121 to hand-off wireless communication device 102 to public network base 
station 111. Control system 1 12 switches access between wireless communication device 
102 and networks 130 from transceiver 121 back to public network base station 111. 

10 If the user does not log-off, but requests more information, then server 124 

transfers the additional information to wireless communication device 102. If the user 
does not log-off or request more information, but requests a service, then server 124 
authorizes and provides the sendee. Server 124 repeatedly gets the position of wireless 
communication device 102 within enterprise 120 and selects and transfers information to 

15 wireless communication device 102 based on the position. In some examples, server 124 
reports the position of wireless communication device to control system 112. Log-off 
may also occur automatically if communication device 102 is not detected within 
enterprise 120 for a specified time period. 

FIG. 3 is a table diagram that illustrates a data structure 324 for wireless 

20 enterprise communications in an example of the invention. Server 124 houses and 

maintains data structure 124. Data structure 124 is populated with data related to device 
position, device ID, user ID, information code, information time-out, user responses, and 
services invoked. Data structure 124 could also include other information, such as device 
type, error rate, jitter, media security, encryption, and static presence. Asterisks indicate 

25 wildcards. At position XI Yl, any device or user is provided with information for code 
100 for two minutes. Code 100 could be a main menu for enterprise 120. If the user 
responds with selection "A", an enterprise map service is provided. Device 7020 receives 
different information based on whether the user is Bill or Ann. Bill obtains a movie list 
while Ann obtains sales promotions. At position X2Y2, any device or user is provided 

30 with information for code 203 for two minutes. Position X2Y2 could be proximate to a 
food court and code 203 could be a selection of restaurants. If the user responds with 
selection "A", then a menu for the selected restaurant is provided. Regardless of device 
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or position, Jim gets a continuous security service. Regardless of position or user, device 
8432 gets continuous web access, and device 8458 gets continuous PSTN access. 

Wireless Transceiver Configuration and Management - F IGS 4-8 
5 FIGS. 4-8 depict a specific example of a communication system in accord with 

the present invention. Those skilled in the art will appreciate numerous variations from 
this example that do not depart from the scope of the invention. Those skilled in the art 
will also appreciate that various features described above and below could be combined 
to form multiple variations of the invention. 

10 FIG. 4 is a block diagram that illustrates communication system 400 with wireless 

transceiver configuration and management in an example of the invention. 
Communication system 400 comprises control system 412, wireless transceivers 421-424, 
and respective cells 425-428. Receivers W, X, Y, and Z are shown along with an 
unknown transmitter indicated by the question mark. Wireless transceivers 421-424 

15 could comprise an enterprise or could each comprise an individual enterprise or 
residence. 

FIG. 5 is a block diagram that illustrates wireless transceiver 424 and control 
system 412 in an example of the invention. Wireless transceiver 424 comprises central 
processing unit 550 coupled to boot logic 551, memory 552, transceiver circuits 553, 

20 communication interface 554, and management logic 555. Control system 412 comprises 
central processing unit 560 coupled to control logic 661, memory 562, communication 
interface 563, and display 564. Communication interface 554 is coupled to 
communication interface 563, although transceiver 424 and control system 412 could 
communicate over a wireless link. Memory 552 includes memory addresses and 

25 associated frequencies. 

FIG. 6 is a flow diagram that illustrates wireless transceiver configuration in an 
example of the invention. At start-up, CPU 550 executes boot logic 551 which directs 
transceiver 424 to perform the following operations. CPU 550 scans addresses in 
memory 552 that are associated with frequencies. The frequencies may be represented by 

30 codes, and the term "frequency" includes a single frequency, a code that is associated 
with a frequency, or a frequency range. In response to the scan, CPU 550 uses 
transceiver circuit 553 to detect signals 565 and determine signal levels for the 
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frequencies. CPU 550 transfers a first message indicating the signal levels for the 
frequencies through communication interface to control system 412. 

Communication interface 563 receives the first message and forwards it to CPU 
560. CPU 560 executes control logic 561 which directs control system 412 to perform 
5 the following operations. CPU 560 checks each frequency for an assignment to another 
transceiver. CPU 560 checks the signal levels at the unassigned frequencies. CPU 560 
selects a set of unassigned frequencies without significant signal interference for 
assignment to transceiver 424. CPU 560 also notes any unassigned frequencies with 
significant signal levels for possible unauthorized use. CPU transfers a second message 

10 to transceiver 424 through communication interface 563. Communication interface 554 
receives the second message and forwards it to CPU 550. CPU 550 stores the selected set 
of frequencies for subsequent wireless communication. The selected set of frequencies 
may include only one frequency. 

FIG. 7 is a table diagram that illustrates a data structure for wireless transceiver 

1 5 management in an example of the invention. CPU 560 maintains the data structure in 
memory 562. The data structure contains transceiver data from transceivers 421-424 and 
lists the transceiver that reports the data. The data structure includes transmitter ID and 
position, receiver ID and position, signal frequency and strength, minimum and 
maximum signal strength thresholds, and alarms. Alarm signals are generated by 

20 comparing signal strength to the minimum and maximum thresholds. The data structure 
shows an alarm that transceiver 421 is exceeding a maximum signal strength threshold. 
The data structure shows an alarm that transceiver 422 is below a minimum signal 
strength threshold. The data structure also shows an alarm that an unknown transmitter at 
position X9Y9 is using frequency E. 

25 FIG. 8 is a flow diagram that illustrates wireless transceiver management in an 

example of the invention. CPU 550 executes management logic 555 and CPU 560 
executes control logic 561 which respectively direct transceiver 424 and control system 
412 to perform the following operations. Periodically, CPU 550 scans addresses in 
memory 552 that are associated with frequencies. In response to the scan, CPU 550 uses 

30 transceiver circuit 553 to detect signals 565 and determine transmitters, receivers, and 
signal levels for the frequencies. CPU 550 transfers a message to control system 412 
through communication interface 554 indicating the transmitters, receivers, and signal 
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levels for the frequencies. Transceivers 421-423 perform a similar operation. 
Communication interface 563 receives the messages and forwards them to CPU 560. 

CPU 560 loads the transceiver data into the data structure within memory 562. 
CPU 560 also determines positions, possibly using a triangulation technique, and loads 
5 the position data into the data structure within memory 562. CPU 560 checks for 

unknown transmitters or receivers to generate alarms. CPU 560 compares signal levels to 
maximum and minimum thresholds to generate maximum and minimum alarms. CPU 
560 sends signals display 564 to display the alarms. Display 564 shows that transceiver 
421 at position XI Yl has exceeded the maximum threshold. Display 564 shows that 
1 0 transceiver 422 at position X2Y2 is below the minimum threshold. Display 564 shows 
that an unknown transmitter at position X9Y9 is unauthorized. 

Wireless Voice Authentication and Transaction Validation - FIGS 9-10 

FIGS. 9-10 depict a specific example of wireless voice authentication and 

15 transaction validation in accord with the present invention. Those skilled in the art will 
appreciate numerous variations from this example that do not depart from the scope of the 
invention. Those skilled in the art will also appreciate that various features described 
below could be combined to form multiple variations of the invention. 

FIG. 9 is a block diagram that illustrates system 930 for wireless voice 

20 authentication and transaction validation in an example of the invention. The transaction 
could be the purchase of a product using an account number. The account number could 
be a credit account number or a bank account number. 

System 930 comprises transaction system 901 that is within enterprise 900 and 
that is coupled to validation system 920. Transaction system 901 comprises wireless 

25 interface 902 and transaction manager 903. Validation system 920 comprises voice 

authentication system 921 and account validation system 922. Wireless communication 
device 910 is operated by a user and communicates with wireless interface 902 over 
wireless communication link 904. Communications over wireless link 904 and between 
systems 901 and 920 could be encrypted. 

30 Enterprise 900, wireless interface 902, and wireless communication device 910 

could be respectively similar to the enterprises, wireless transceivers, and wireless 
communication devices of FIGS. 1-8. Transaction manager 903 could be integrated into 
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the servers or control systems of FIGS. 1-8. Wireless interface 902 and transaction 
manager 903 could also be implemented within a point-of-sale terminal. Wireless 
communication device 910 could be a wireless telephone configured to communicate 
with a public wireless network. 
5 In operation, wireless communication device 910 and wireless interface 902 

establish wireless communication link 904. Wireless interface 902 receives user 
information including a user speech sample and a user account code from wireless 
communication device 910 over wireless communication link 904, Wireless interface 
902 transfers the user information to transaction manager 903. 

10 Transaction manager 903 transfers the user speech sample to voice authentication 

system 921. Voice authentication system 921 compares the user speech sample to a 
previous speech sample from the user. Voice authentication system 921 generates 
validation information to indicate if the user is authentic based on the comparison. Voice 
authentication system 921 may also retrieve a picture of the user and include the picture 

15 in the validation information. Voice authentication system 921 transfers the validation 
information to transaction manager 903. 

Transaction manager 903 receives the validation information from voice 
authentication system 921, and if the validation information indicates that the user is 
authentic, then transaction manager 903 transfers the account code to account code 

20 validation system 922. Although, the account code validation is conditional on user 
authentication in this example, authentication and validation could be flip-flopped in 
time, or they could occur in parallel 

Account code validation system 922 processes the user account code to generate 
validation information that indicates if the user account code is valid. Account code 

25 validation system 922 may also retrieve a picture of the user and include the picture in the 
validation information. Account code validation system 922 may also retrieve 
transaction requirements for a valid transaction, such as permitted transactions and 
purchase amounts, and include the transaction requirements in the validation information. 
Account code validation system 922 transfers the validation information to transaction 

30 manager 903. Transaction manager 903 receives and displays the validation information. 
Transaction manager 903 may also validate the transaction based on the validation 
information. 
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FIG. 10 is a block diagram that illustrates wireless telephone 1000 in an example 
of the invention. Wireless telephone 1000 is an example of wireless communication 
device 910 in FIG. 9. Wireless telephone 1000 comprises display 1001, memory 1002, 
microphone 1003, keys 1004, control circuitry 1005, and wireless interface 1006. FIG. 
5 1 0 has been simplified for clarity, and those skilled in the art will appreciate that some 
conventional aspects of wireless telephone 1000 have been omitted or simplified. 

Wireless telephone 1000 is configured to operate as follows. Memory 1002 stores 
a list of user account codes. Control circuitry 1005 directs display 1001 to display a user 
prompt for a voice-authenticated transaction. In response to a user selection from keys 
10 1004 for a voice-authenticated transaction, control circuitry 1005 directs display 1001 to 
display a user prompt to select an account code from the list of user account codes. In 
response to a user selection from keys 1004 of the user account code, control circuitry 
1005 directs display 1001 to display a user prompt for a user speech sample. 

Microphone 1003 receives the user speech sample. Control circuitry directs the 
1 5 wireless interface 1 006 to transfer the user speech sample and the account code to 

wireless interface 902 in transaction system 901 over wireless communication link 904. 
Wireless interface 1006 encrypts and transfers the user speech sample and the account 
code as directed. 

After the transaction, wireless interface 1006 receives a transaction code, product 
20 identification, and purchase price for the transaction. Control circuitry 1005 directs 
memory 1002 to store the transaction code, product identification, purchase price, and 
date for the transaction. Control system 1005 also directs memory 1002 to store an 
account balance for the account code. 

The above-described control, logic, and data structures are comprised of 
25 instructions that are stored on storage media. The instructions can be retrieved and 
executed by a processor. Some examples of instructions are software, program code, and 
firmware. Some examples of storage media are memory devices, tape, disks, integrated 
circuits, and servers. The instructions are operational when executed by the processor to 
direct the processor to operate in accord with the invention. The term "processor" refers 
30 to a single processing device or a group of inter-operational processing devices. Some 
examples of processors are computers, integrated circuits, and logic circuitry. Those 
skilled in the art are familiar with instructions, processors, and storage media. 
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Those skilled in the art will appreciate variations of the above-described 
embodiments that fall within the scope of the invention. As a result, the invention is not 
limited to the specific examples and illustrations discussed above, but only by the 
following claims and their equivalents. 
5 I claim: 
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